Moxa Eds-510E Firmware vulnerabilities

CVE-2020-6991 [CRITICAL] CWE-521 CVE-2020-6991: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an att In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.

CVE-2020-6981 [CRITICAL] CWE-798 CVE-2020-6981: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system w In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication.

CVE-2020-7007 [CRITICAL] CWE-121 CVE-2020-7007: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service.

CVE-2020-7001 [HIGH] CWE-327 CVE-2020-7001: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptograp In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.

CVE-2020-6997 [HIGH] CWE-319 CVE-2020-6997: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over s In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext.

CVE-2020-6979 [HIGH] CWE-321 CVE-2020-6979: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryp In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered.